NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
DoS attack, Teardrop or derivative, Ping of Death, strange IPv6 Parsing Solution (I use C7000v2)
I am reposting the solution below because it appears to have worked for me and the discussion it was from was closed and no one had confirmed it worked. I am on my third set of Netgear routers or modem/routers. I have used Motorola modems and Netgear R7000 or R7000P and currently tested this fix on my Netgear C7000v2 modem/router combo. I'm posting this because I saw very long discussions with no apparent conclusion. Before I tried the solution below I would constantly get lags, packet losses, etc. Sometimes it seemed to happen more than others. I got a lot of errors including a lot of the one mentioned in the title, but also some T3 errors and others. I would get MANY per day. Yesterday, I found the solution below and tried it. I've had no errors since then. I realize this is only one day of testing and perhaps tonight I'll find out differently but I'm hopeful this actually has worked as I tested it on Rocket league and checked with my family members to see if it seemed better. I thought I'd post this and see if it helps others. From what I understand below, it is Netgear's issue but has never been fixed. When I made the change and the C7000v2 rebooted, the date in the event log changed to 1/1/1970 but I've found no problems with that. After rebooting, I have had no errors. I also had changed a few things like channels before but it did not help anything other than the microwave in our kitchen not interrupting our wifi. I hope it works for others as it has been an extremely frustrating issue that Netgear tried to pin on my ISP because there were a few T3 errors. Surprisingly, I not only do not see the Dos attack errors but also a variety of others are gone.
2020-10-31 01:19 PM
I have found a solution to this two year old, unresolved problem:
Summary of problem:
Router logs will show DoS attack, Teardrop or derivative, Ping of Death coming from a strange IP address. When you trace this IP, it will be weird from a foreign country.
The router will keep dropping connection due to these assumed D-DoS attacks.
Problem has not seen a firmware fix in two years.
Root Cause:
@fqm889identified the root cause as firmware bug, where Netgear mis-parses IPv6 address.
ipv6 address:
xxxx:xxxx:aabb:ccdd:eeff:gghh:xxxx:xxxx
Change aa bb cc dd ee ff gg hh from heximal to decimal AAA BBB CCC DDD EEE FFF GGG HHH
Then you can find that AAA.BBB.CCC.DDD is your source and EEE.FFF.GGG.HHH is your destination of 'DoS' packets.
User @fduate has provided a graphical represenation in the attached PNG photo.
Solution:
Self-assigned IPv6 addresses are causing this issue, and this is resolved by enabling DHCP for IPv6.
Navigate to:
Admin Panel > Advanced Tab > Advanced Setup > IPv6 > IP Address Assignment
Then click "Use DHCP server".
Copy "Router delegated prefix" (The value usually ending in /64)
Paste previous value in "Start IP Address" and edit last three characters "/64" to "3/60".
Click "Apply" and reboot.
Enjoy!
2 Replies
Updating my post: Still have almost NO errors, One T3 error and no SYNC errors or other in the EVENT LOG in 24h. However, I was wrong about the DOS attacks. They show up in the logs, not the event logs and I still have some groups of them. However, performance of the Wifi/router continues to be excellent since I made the above change. Momentary lags this evening only (maybe ISP?), no packet losses indicated when normally I would have a hard time playing a few minutes without problems. Will see if it continues.
Updating again. Alas, things are better and still no errors in event log BUT lags/packet loss started again. Trying a Motorola modem/router combo MG7550 and having NO lagging on 5GHz but tons of lagging on 2.4GHz. Also, oddly, while changing the channel on 2.4 for the C7000 Netgear modem/router solved our microwave interference problem, it has not helped for the Motorola modem.